We welcome your feedback about MITRE Engage™ v0.9 Beta: Email us at engage@mitre.org

Motivation

Encourage an adversary to conduct part or all of their mission.

Motivation is used to encourage an adversary to conduct part or all of their mission by providing a target-rich environment. To do this, the defender can use unpatched versions of operating systems and software, remove end-point detection software, and use weak passwords. Additionally, the defender can open firewall ports, add proxy capabilities, or introduce elements that an adversary can easily leverage to bypass an obstacle in their operations. Finally, the defender can include enticing data to the environment to encourage the adversary to steal the data.

Details
ID: EAP0007
Type:  Engagement
Goals:  Elicit

Activities

Activity NameDescriptionID
Application Diversity Present the adversary with a variety of installed applications and services. EAC0006
Artifact Diversity Present the adversary with a variety of network and system artifacts. EAC0022
Detonate Malware Execute malware under controlled conditions to analyze its functionality. EAC0013
Information Manipulation Conceal and reveal both facts and fictions to support a deception story EAC0015
Personas Create fictitious human user(s) through a combination of planted data and revealed behavior patterns. EAC0012
Network Diversity Use a diverse set of devices on the network to help establish the legitimacy of a decoy network. EAC0007